Release note cleanup
Removed info that's internal to keystone and therefore not relevant to deployers. Consistent references to config option names. `` should be used for literal string values, not references. Change-Id: Ia7e11683ed3ae7f19fe6680848bdcbaed954f424
This commit is contained in:
parent
918bfa9747
commit
ee2724a2a2
@ -1,16 +1,13 @@
|
|||||||
---
|
---
|
||||||
features:
|
deprecations:
|
||||||
|
- >
|
||||||
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
|
The V8 Assignment driver interface is deprecated. Support for the V8
|
||||||
|
Assignment driver interface is planned to be removed in the 'O' release of
|
||||||
|
OpenStack.
|
||||||
|
other:
|
||||||
- The list_project_ids_for_user(), list_domain_ids_for_user(),
|
- The list_project_ids_for_user(), list_domain_ids_for_user(),
|
||||||
list_user_ids_for_project(), list_project_ids_for_groups(),
|
list_user_ids_for_project(), list_project_ids_for_groups(),
|
||||||
list_domain_ids_for_groups(), list_role_ids_for_groups_on_project() and
|
list_domain_ids_for_groups(), list_role_ids_for_groups_on_project() and
|
||||||
list_role_ids_for_groups_on_domain() methods have been removed from the
|
list_role_ids_for_groups_on_domain() methods have been removed from the
|
||||||
V9 version of the Assignment driver.
|
V9 version of the Assignment driver.
|
||||||
upgrade:
|
|
||||||
- The V8 Assignment driver interface is deprecated, but still supported in
|
|
||||||
this release, so any custom drivers based on the V8 interface should still
|
|
||||||
work.
|
|
||||||
deprecations:
|
|
||||||
- >
|
|
||||||
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
|
||||||
Support for the V8 Assignment driver interface is planned to be removed in
|
|
||||||
the 'O' release of OpenStack.
|
|
||||||
|
@ -3,8 +3,8 @@ features:
|
|||||||
- >
|
- >
|
||||||
[`blueprint domain-specific-roles <https://blueprints.launchpad.net/keystone/+spec/domain-specific-roles>`_]
|
[`blueprint domain-specific-roles <https://blueprints.launchpad.net/keystone/+spec/domain-specific-roles>`_]
|
||||||
Roles can now be optionally defined as domain specific. Domain specific
|
Roles can now be optionally defined as domain specific. Domain specific
|
||||||
roles are not references in policy files, rather they can be used to allow
|
roles are not referenced in policy files, rather they can be used to allow
|
||||||
a domain to build their own private inference rules with implies roles. A
|
a domain to build their own private inference rules with implied roles. A
|
||||||
domain specific role can be assigned to a domain or project within its
|
domain specific role can be assigned to a domain or project within its
|
||||||
domain, and any subset of global roles it implies will appear in a token
|
domain, and any subset of global roles it implies will appear in a token
|
||||||
scoped to the respective domain or project. The domain specific role
|
scoped to the respective domain or project. The domain specific role
|
||||||
|
@ -1,10 +1,6 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
|
||||||
- The V8 Role driver interface is deprecated, but still supported in
|
|
||||||
this release, so any custom drivers based on the V8 interface should still
|
|
||||||
work.
|
|
||||||
deprecations:
|
deprecations:
|
||||||
- >
|
- >
|
||||||
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
Support for the V8 Role driver interface is planned to be removed in
|
The V8 Role driver interface is deprecated. Support for the V8 Role driver
|
||||||
the 'O' release of OpenStack.
|
interface is planned to be removed in the 'O' release of OpenStack.
|
||||||
|
@ -1,8 +1,5 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
deprecations:
|
||||||
- The V8 Resource driver interface is deprecated, but still supported in
|
- The V8 Resource driver interface is deprecated. Support for the V8
|
||||||
this release, so any custom drivers based on the V8 interface should still
|
Resource driver interface is planned to be removed in the 'O' release of
|
||||||
work.
|
OpenStack.
|
||||||
other:
|
|
||||||
- Support for the V8 Resource driver interface is planned to be removed in
|
|
||||||
the 'O' release of OpenStack.
|
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
---
|
---
|
||||||
features:
|
features:
|
||||||
- keystone-manage now supports the bootstrap command
|
- >
|
||||||
|
[`blueprint bootstrap <https://blueprints.launchpad.net/keystone/+spec/bootstrap>`_]
|
||||||
|
keystone-manage now supports the bootstrap command
|
||||||
on the CLI so that a keystone install can be
|
on the CLI so that a keystone install can be
|
||||||
initialized without the need of the admin_token
|
initialized without the need of the admin_token
|
||||||
filter in the paste-ini.
|
filter in the paste-ini.
|
||||||
@ -9,7 +11,7 @@ security:
|
|||||||
to the use of a proper username/password. Historically
|
to the use of a proper username/password. Historically
|
||||||
the admin_token filter has been left enabled in
|
the admin_token filter has been left enabled in
|
||||||
Keystone after initialization due to the way CMS
|
Keystone after initialization due to the way CMS
|
||||||
systems work. Moving to an out-of-band initialization
|
systems work. Moving to an out-of-band initialization using
|
||||||
will eliminate the security concerns around a static
|
``keystone-manage bootstrap`` will eliminate the security concerns around
|
||||||
shared string that conveys admin access to Keystone
|
a static shared string that conveys admin access to keystone
|
||||||
and therefore to the entire installation.
|
and therefore to the entire installation.
|
||||||
|
@ -2,13 +2,13 @@
|
|||||||
upgrade:
|
upgrade:
|
||||||
- >
|
- >
|
||||||
[`bug 1473553 <https://bugs.launchpad.net/keystone/+bug/1473553>`_]
|
[`bug 1473553 <https://bugs.launchpad.net/keystone/+bug/1473553>`_]
|
||||||
The ``keystone-paste.ini`` must be updated to put the ``admin_token_auth``
|
The `keystone-paste.ini` must be updated to put the ``admin_token_auth``
|
||||||
middleware before ``build_auth_context``. See the sample
|
middleware before ``build_auth_context``. See the sample
|
||||||
``keystone-paste.ini`` for the correct ``pipeline`` value. Having
|
`keystone-paste.ini` for the correct `pipeline` value. Having
|
||||||
``admin_token_auth`` after ``build_auth_context`` is deprecated and will
|
``admin_token_auth`` after ``build_auth_context`` is deprecated and will
|
||||||
not be supported in a future release.
|
not be supported in a future release.
|
||||||
deprecations:
|
deprecations:
|
||||||
- >
|
- >
|
||||||
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
The ``admin_token_auth`` filter must now be placed before the
|
The ``admin_token_auth`` filter must now be placed before the
|
||||||
``build_auth_context`` filter in ``keystone-paste.ini``.
|
``build_auth_context`` filter in `keystone-paste.ini`.
|
||||||
|
@ -3,5 +3,5 @@ features:
|
|||||||
- >
|
- >
|
||||||
[`bug 1519210 <https://bugs.launchpad.net/keystone/+bug/1519210>`_]
|
[`bug 1519210 <https://bugs.launchpad.net/keystone/+bug/1519210>`_]
|
||||||
A user may now opt-out of notifications by specifying a list of
|
A user may now opt-out of notifications by specifying a list of
|
||||||
`event_types` using the ``notification_opt_out`` option in `keystone.conf`.
|
event types using the `notification_opt_out` option in `keystone.conf`.
|
||||||
These events are never sent to a messaging service.
|
These events are never sent to a messaging service.
|
||||||
|
@ -2,20 +2,20 @@
|
|||||||
features:
|
features:
|
||||||
- >
|
- >
|
||||||
[`bug 1542417 <https://bugs.launchpad.net/keystone/+bug/1542417>`_]
|
[`bug 1542417 <https://bugs.launchpad.net/keystone/+bug/1542417>`_]
|
||||||
Added support for a "user_description_attribute" mapping
|
Added support for a `user_description_attribute` mapping
|
||||||
to the LDAP driver configuration.
|
to the LDAP driver configuration.
|
||||||
upgrade:
|
upgrade:
|
||||||
- >
|
- >
|
||||||
The LDAP driver now also maps the user "description" attribute after
|
The LDAP driver now also maps the user description attribute after
|
||||||
user retrieval from LDAP.
|
user retrieval from LDAP.
|
||||||
If this is undesired behavior for your setup, please add "description"
|
If this is undesired behavior for your setup, please add `description`
|
||||||
to the "user_attribute_ignore" LDAP driver config setting.
|
to the `user_attribute_ignore` LDAP driver config setting.
|
||||||
|
|
||||||
The default mapping of the description attribute is set to "description".
|
The default mapping of the description attribute is set to `description`.
|
||||||
Please adjust the LDAP driver config setting "user_description_attribute"
|
Please adjust the LDAP driver config setting `user_description_attribute`
|
||||||
if your LDAP uses a different attribute name (for instance to "displayName"
|
if your LDAP uses a different attribute name (for instance to `displayName`
|
||||||
in case of an AD backed LDAP).
|
in case of an AD backed LDAP).
|
||||||
|
|
||||||
If your "user_additional_attribute_mapping" setting contains
|
If your `user_additional_attribute_mapping` setting contains
|
||||||
"description:description" you can remove this mapping, since this is
|
`description:description` you can remove this mapping, since this is
|
||||||
now default behavior of the driver.
|
now the default behavior.
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
fixes:
|
features:
|
||||||
- >
|
- >
|
||||||
[`bug 1526462 <https://bugs.launchpad.net/keystone/+bug/1526462>`_]
|
[`bug 1526462 <https://bugs.launchpad.net/keystone/+bug/1526462>`_]
|
||||||
Support for posixGroups with OpenDirectory and UNIX when using
|
Support for posixGroups with OpenDirectory and UNIX when using
|
||||||
|
@ -4,7 +4,7 @@ deprecations:
|
|||||||
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
As of the Mitaka release, the PKI and PKIz token formats have been
|
As of the Mitaka release, the PKI and PKIz token formats have been
|
||||||
deprecated. They will be removed in the 'O' release. Due to this change,
|
deprecated. They will be removed in the 'O' release. Due to this change,
|
||||||
the ``hash_algorithm`` option in the ``[token]`` section of the
|
the `hash_algorithm` option in the `[token]` section of the
|
||||||
configuration file has also been deprecated. Also due to this change, the
|
configuration file has also been deprecated. Also due to this change, the
|
||||||
``keystone-manage pki_setup`` command has been deprecated as well.
|
``keystone-manage pki_setup`` command has been deprecated as well.
|
||||||
- >
|
- >
|
||||||
@ -16,8 +16,8 @@ deprecations:
|
|||||||
removed in the 'O' release.
|
removed in the 'O' release.
|
||||||
- >
|
- >
|
||||||
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
As of the Mitaka release, the auth plugin ``keystone.auth.plugins.saml2.Saml2``
|
As of the Mitaka release, the auth plugin `keystone.auth.plugins.saml2.Saml2`
|
||||||
has been deprecated. It is recommended to use ``keystone.auth.plugins.mapped.Mapped``
|
has been deprecated. It is recommended to use `keystone.auth.plugins.mapped.Mapped`
|
||||||
instead. The ``saml2`` plugin will be removed in the 'O' release.
|
instead. The ``saml2`` plugin will be removed in the 'O' release.
|
||||||
- >
|
- >
|
||||||
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
|
@ -2,5 +2,5 @@
|
|||||||
features:
|
features:
|
||||||
- >
|
- >
|
||||||
[`bug 1525317 <https://bugs.launchpad.net/keystone/+bug/1525317>`_]
|
[`bug 1525317 <https://bugs.launchpad.net/keystone/+bug/1525317>`_]
|
||||||
Enable filtering of identity providers based on ``id``, and ``enabled``
|
Enable filtering of identity providers based on `id`, and `enabled`
|
||||||
attributes.
|
attributes.
|
||||||
|
@ -1,9 +1,10 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
upgrade:
|
||||||
- >
|
- >
|
||||||
The default setting for the os_inherit configuration option is
|
The default setting for the `os_inherit` configuration option is
|
||||||
changed to True. If it is required to continue with this portion
|
changed to True. If it is required to continue with this portion
|
||||||
of the API disabled, then override the default setting by explicitly
|
of the API disabled, then override the default setting by explicitly
|
||||||
specifying the os_inherit option as False. Now this option is marked
|
specifying the os_inherit option as False.
|
||||||
as deprecated. In the future, this option will be removed and this
|
deprecations:
|
||||||
portion of the API will be always enabled.
|
- The `os_inherit` configuration option is disabled. In the future, this
|
||||||
|
option will be removed and this portion of the API will be always enabled.
|
||||||
|
@ -3,5 +3,5 @@ fixes:
|
|||||||
- >
|
- >
|
||||||
[`bug 1516469 <https://bugs.launchpad.net/keystone/+bug/1516469>`_]
|
[`bug 1516469 <https://bugs.launchpad.net/keystone/+bug/1516469>`_]
|
||||||
Endpoints filtered by endpoint_group project association will be
|
Endpoints filtered by endpoint_group project association will be
|
||||||
included in catalog when issue a project scoped token and using
|
included in the service catalog when a project scoped token is issued and
|
||||||
``endpoint_filter.sql`` as catalog's backend driver.
|
``endpoint_filter.sql`` is used for the catalog driver.
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
upgrade:
|
||||||
- >
|
- >
|
||||||
The ``keystone-paste.ini`` file must be updated to remove extension
|
The `keystone-paste.ini` file must be updated to remove extension
|
||||||
filters, and their use in ``[pipeline:api_v3]``.
|
filters, and their use in ``[pipeline:api_v3]``.
|
||||||
Remove the following filters: ``[filter:oauth1_extension]``,
|
Remove the following filters: ``[filter:oauth1_extension]``,
|
||||||
``[filter:federation_extension]``, ``[filter:endpoint_filter_extension]``,
|
``[filter:federation_extension]``, ``[filter:endpoint_filter_extension]``,
|
||||||
@ -9,7 +9,7 @@ upgrade:
|
|||||||
<https://git.openstack.org/cgit/openstack/keystone/tree/etc/keystone-paste.ini>`_
|
<https://git.openstack.org/cgit/openstack/keystone/tree/etc/keystone-paste.ini>`_
|
||||||
file for guidance.
|
file for guidance.
|
||||||
- >
|
- >
|
||||||
The ``keystone-paste.ini`` file must be updated to remove extension filters,
|
The `keystone-paste.ini` file must be updated to remove extension filters,
|
||||||
and their use in ``[pipeline:public_api]`` and ``[pipeline:admin_api]`` pipelines.
|
and their use in ``[pipeline:public_api]`` and ``[pipeline:admin_api]`` pipelines.
|
||||||
Remove the following filters: ``[filter:user_crud_extension]``,
|
Remove the following filters: ``[filter:user_crud_extension]``,
|
||||||
``[filter:crud_extension]``. See the sample `keystone-paste.ini
|
``[filter:crud_extension]``. See the sample `keystone-paste.ini
|
||||||
|
@ -4,9 +4,9 @@ features:
|
|||||||
[`blueprint implied-roles <https://blueprints.launchpad.net/keystone/+spec/implied-roles>`_]
|
[`blueprint implied-roles <https://blueprints.launchpad.net/keystone/+spec/implied-roles>`_]
|
||||||
Keystone now supports creating implied roles. Role inference rules can now
|
Keystone now supports creating implied roles. Role inference rules can now
|
||||||
be added to indicate when the assignment of one role implies the assignment
|
be added to indicate when the assignment of one role implies the assignment
|
||||||
of another. The rules are of the form ``prior_role`` implies
|
of another. The rules are of the form `prior_role` implies
|
||||||
``implied_role``. At token generation time, user/group assignments of roles
|
`implied_role`. At token generation time, user/group assignments of roles
|
||||||
that have implied roles will be expanded to also include such roles in the
|
that have implied roles will be expanded to also include such roles in the
|
||||||
token. The expansion of implied roles is controlled by the
|
token. The expansion of implied roles is controlled by the
|
||||||
``prohibited_implied_role`` option in the ``[assignment]``
|
`prohibited_implied_role` option in the `[assignment]`
|
||||||
section of `keystone.conf`.
|
section of `keystone.conf`.
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
upgrade:
|
||||||
- A new config option, ``insecure_debug``, is added to control whether debug
|
- A new config option, `insecure_debug`, is added to control whether debug
|
||||||
information is returned to clients. This used to be controlled by the
|
information is returned to clients. This used to be controlled by the
|
||||||
``debug`` option. If you'd like to return extra information to clients
|
`debug` option. If you'd like to return extra information to clients
|
||||||
set the value to ``true``. This extra information may help an attacker.
|
set the value to ``true``. This extra information may help an attacker.
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
features:
|
features:
|
||||||
- >
|
- >
|
||||||
[`bug 1515302 <https://bugs.launchpad.net/keystone/+bug/1515302>`_]
|
[`bug 1515302 <https://bugs.launchpad.net/keystone/+bug/1515302>`_]
|
||||||
Two new configuration options have been added to the ``[ldap]`` section.
|
Two new configuration options have been added to the `[ldap]` section.
|
||||||
``user_enabled_emulation_use_group_config`` and
|
`user_enabled_emulation_use_group_config` and
|
||||||
``project_enabled_emulation_use_group_config``, which allow deployers to
|
`project_enabled_emulation_use_group_config`, which allow deployers to
|
||||||
choose if they want to override the default group LDAP schema option.
|
choose if they want to override the default group LDAP schema option.
|
||||||
|
@ -2,5 +2,4 @@
|
|||||||
upgrade:
|
upgrade:
|
||||||
- >
|
- >
|
||||||
[`bug 1541092 <https://bugs.launchpad.net/keystone/+bug/1541092>`_]
|
[`bug 1541092 <https://bugs.launchpad.net/keystone/+bug/1541092>`_]
|
||||||
Database schema migrations have been squashed. Only database upgrades from
|
Only database upgrades from Kilo and newer are supported.
|
||||||
Kilo and newer are supported.
|
|
||||||
|
@ -3,4 +3,5 @@ other:
|
|||||||
- >
|
- >
|
||||||
``keystone-manage db_sync`` will no longer create the Default domain. This
|
``keystone-manage db_sync`` will no longer create the Default domain. This
|
||||||
domain is used as the domain for any users created using the legacy v2.0
|
domain is used as the domain for any users created using the legacy v2.0
|
||||||
API. A default domain is created by ``keystone-manage bootstrap``.
|
API. A default domain is created by ``keystone-manage bootstrap`` and when
|
||||||
|
a user or project is created using the legacy v2.0 API.
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
upgrade:
|
||||||
- >
|
- >
|
||||||
Keystone now uses oslo.cache. Update the ``[cache]`` section of
|
Keystone now uses oslo.cache. Update the `[cache]` section of
|
||||||
``keystone.conf`` to point to oslo.cache backends:
|
`keystone.conf` to point to oslo.cache backends:
|
||||||
``oslo_cache.memcache_pool`` or ``oslo_cache.mongo``, refer to the
|
``oslo_cache.memcache_pool`` or ``oslo_cache.mongo``. Refer to the
|
||||||
sample configuration file for examples. See `oslo.cache
|
sample configuration file for examples. See `oslo.cache
|
||||||
<http://docs.openstack.org/developer/oslo.cache>`_ for additional
|
<http://docs.openstack.org/developer/oslo.cache>`_ for additional
|
||||||
documentation.
|
documentation.
|
||||||
|
@ -1,11 +1,7 @@
|
|||||||
---
|
---
|
||||||
features:
|
features:
|
||||||
- Domains are now represented as top level projects with the attribute
|
- Domains are now represented as top level projects with the attribute
|
||||||
``is_domain`` set to true. Such projects will appears as parents for any
|
`is_domain` set to true. Such projects will appear as parents for any
|
||||||
previous top level projects. Projects acting as domains can be created,
|
previous top level projects. Projects acting as domains can be created,
|
||||||
read, update and deleted via either the project API or the domain API.
|
read, updated, and deleted via either the project API or the domain API
|
||||||
upgrade:
|
(V3 only).
|
||||||
- The contents of the sql domain table are migrated to the sql project
|
|
||||||
table. Although the domain table (and its contents) are not removed in this
|
|
||||||
upgrade, they are no longer referenced. They will be removed in a future
|
|
||||||
upgrade.
|
|
||||||
|
@ -4,4 +4,4 @@ features:
|
|||||||
[`bug 1500222 <https://bugs.launchpad.net/keystone/+bug/1500222>`_]
|
[`bug 1500222 <https://bugs.launchpad.net/keystone/+bug/1500222>`_]
|
||||||
Added information such as: user ID, project ID, and domain ID to log
|
Added information such as: user ID, project ID, and domain ID to log
|
||||||
entries. As a side effect of this change, both the user's domain ID and
|
entries. As a side effect of this change, both the user's domain ID and
|
||||||
project's domain ID are now included in ``auth_context``.
|
project's domain ID are now included in the auth context.
|
||||||
|
@ -3,7 +3,7 @@ features:
|
|||||||
- >
|
- >
|
||||||
[`blueprint totp-auth <https://blueprints.launchpad.net/keystone/+spec/totp-auth>`_]
|
[`blueprint totp-auth <https://blueprints.launchpad.net/keystone/+spec/totp-auth>`_]
|
||||||
Keystone now supports authenticating via Time-based One-time Password (TOTP).
|
Keystone now supports authenticating via Time-based One-time Password (TOTP).
|
||||||
To enable this feature, add the ``totp`` auth plugin to the ``methods``
|
To enable this feature, add the ``totp`` auth plugin to the `methods`
|
||||||
option in the ``[auth]`` section of ``keystone.conf``. More information
|
option in the `[auth]` section of `keystone.conf`. More information
|
||||||
about using TOTP can be found in `keystone's documentation
|
about using TOTP can be found in `keystone's developer documentation
|
||||||
<http://docs.openstack.org/developer/keystone/auth-totp.html>`_.
|
<http://docs.openstack.org/developer/keystone/auth-totp.html>`_.
|
||||||
|
@ -1,7 +1,5 @@
|
|||||||
---
|
---
|
||||||
upgrade:
|
deprecations:
|
||||||
- The V8 Federation driver interface is deprecated, but still supported in
|
- The V8 Federation driver interface is deprecated in favor of the V9
|
||||||
Mitaka, so any custom drivers based on the V8 interface should still work.
|
Federation driver interface. Support for the V8 Federation driver
|
||||||
other:
|
interface is planned to be removed in the 'O' release of OpenStack.
|
||||||
- Support for the V8 Federation driver interface is planned to be removed in
|
|
||||||
the 'O' release of OpenStack.
|
|
||||||
|
@ -2,5 +2,5 @@
|
|||||||
features:
|
features:
|
||||||
- >
|
- >
|
||||||
[`blueprint x509-ssl-client-cert-authn <https://blueprints.launchpad.net/keystone/+spec/x509-ssl-client-cert-authn>`_]
|
[`blueprint x509-ssl-client-cert-authn <https://blueprints.launchpad.net/keystone/+spec/x509-ssl-client-cert-authn>`_]
|
||||||
Support tokenless client SSL x.509 certificate authentication and
|
Keystone now supports tokenless client SSL x.509 certificate authentication
|
||||||
authorization.
|
and authorization.
|
||||||
|
Loading…
Reference in New Issue
Block a user